E-Health Security Management - Omessaad Hamdi

. .

Résumé :

Chapter 1 Overview of e-Health Architectures 1
Omessaad Hamdi

1.1 Introduction 1

1.2 Definitions 2

1.2.1 e-Health 2

1.2.2 Telehealth 2

1.2.3 m-Health 2

1.2.4 Telemedicine 2

1.3 e-Health services 3

1.4 Requirements for e-health systems 4

1.5 e-Health system architecture 5

1.5.1 Components of an e-health architecture 6

1.5.2 Features of e-health systems 6

1.6 e-Health system technologies 8

1.6.1 Devices 8

1.6.2 Connecting technologies 9

1.6.3 Other technologies 10

1.7 Security in e-health systems 12

1.7.1 Security services 12

1.7.2 Legal environment for e-health systems 13

1.8 Medical data security 14

1.8.1 Cryptography 14

1.8.2 Biometrics 16

1.8.3 Blockchain 17

1.9 Perspectives 19

1.10 Conclusion 20

1.11 References 21

Chapter 2 Vulnerabilities in e-Health and Countermeasures 27
Aida Ben Chehida Douss And Ryma Abassi

2.1 Introduction 27

2.2 The importance of digitization in healthcare systems 28

2.3 The challenges of digitization in e-health systems 30

2.4 Cyber-attacks in the healthcare sector 31

2.4.1 Profiles of cybercriminals 32

2.4.2 Motivations of cybercriminals 33

2.4.3 Risks and repercussions 35

2.4.4 Types of attacks 36

2.5 Security incidents in the healthcare sector 39

2.5.1 Example of a phishing attack 40

2.5.2 Examples of ransomware attacks 40

2.5.3 Examples of data theft attacks 41

2.5.4 Examples of DDoS attacks 42

2.5.5 Example of an internal attack 42

2.6 Existing security measures for e-health systems 42

2.7 Recommendations for protecting e-health systems 45

2.7.1 Risk management methods 45

2.7.2 Technical and organizational recommendations 46

2.7.3 Raising awareness and training 47

2.8 Conclusion 48

2.9 References 49

Chapter 3 Security Policies for e-Health Systems 53
Ryma Abassi

3.1 Introduction 53

3.2 The concept of the security policy 54

3.2.1 Definition 54

3.2.2 Modeling a security policy 57

3.3 Environment for specifying, validating and testing security policies 61

3.3.1 Specifying a security policy 61

3.3.2 The concept of executable security policy 63

3.3.3 Testing a security policy 64

3.4 Security Services For E-Health Systems 66

3.4.1 The e-health concept 66

3.4.2 Comparison of national digital health infrastructure security policies 67

3.5 Security requirements for e-health platforms 69

3.5.1 Essential security functions 69

3.5.2 Security models 70

3.6 Future security challenges for e-health 73

3.7 Conclusion 74

3.8 References 74

Chapter 4 Adaptive, Dynamic, Decentralized Authorizations for e-Health 77
Tidiane Sylla, Mohamed Aymen Chalouf, L?o Mendiboure And Francine Krief

4.1 Introduction 77

4.2 Fundamental principles 79

4.2.1 Concept of e-health 79

4.2.2 Context-aware computing and security in the IoT 81

4.2.3 Authentication and Authorization for Constrained Environments (ACE-OAuth) 86

4.2.4 Blockchain 89

4.3 Proposal for dynamic, decentralized adaptation of e-health authorizations 91

4.3.1 Threat model for the environment under consideration 91

4.3.2 Proposed architecture for dynamic, decentralized authorization management 92

4.4 Conclusion 100

4.5 References 101

Chapter 5 Applying Blockchain to e-Health 107
Cyrine Lahsini, Faiza Hamdi And Omessaad Hamdi

5.1 Introdu...

Sommaire:
Digital evolution, whether through Internet advances or the development of connected objects, has triggered a veritable societal revolution. Thanks to technological advances, e-health services enable healthcare professionals to monitor patients in real time. However, new challenges have also arisen in the field of e-health, concerning the security of medical data, as well as the protection of patient privacy. After presenting e-health architectures and explaining the proliferation of cyber attacks, e-Health Security Management focuses on proposing solutions designed to meet these security imperatives and respect patient privacy, such as the use of blockchain, 'biometrics', new encryption methods or artificial intelligence. Implementing these solutions is crucial to guarantee the acceptance and effectiveness of e-health services.--...